Zentral is an open-source hub for endpoint protection.
Extensions are available for many agents, to deploy and configure them, and to collect, normalize and process the events they generate.
Connectors exist for device management solutions, to track inventory changes, and if possible, dynamically change group assignments.
Events are stored in Elasticsearch. They can be forwarded to third party SIEMs.
Filters can be configured to display events, and trigger actions outside of Zentral.
You can deploy it on your machine with Docker, or start a cloud instance from our custome Zentral all in one images on AWS or Google Cloud Platform.
- Jamf Protect
- Munki
- Osquery
- Santa
- Jamf
- Puppet
- Workspace One
- Watchman
- Filewave
- AWS Kinesis
- Azure log analytics
- DataDog
- Elasticsearch
- OpenSearch
- Panther
- Snowflake
- Splunk
- sumo logic
- Generic HTTP POST endpoint
- Inventory group change (for compatible inventory sources)
- Messaging (email, SMS, Slack, …)
- Tagging
- Tickets (Zendesk, Github, …)